package be.atbash.ee.security.octopus.oauth2.filter.authc;

import be.atbash.ee.security.octopus.cache.Cache;
import be.atbash.ee.security.octopus.cache.CacheSupplier;
import be.atbash.ee.security.octopus.fake.LoginAuthenticationTokenProvider;
import be.atbash.ee.security.octopus.filter.RestAuthenticatingFilter;
import be.atbash.ee.security.octopus.oauth2.OAuth2UserToken;
import be.atbash.ee.security.octopus.oauth2.info.OAuth2InfoProvider;
import be.atbash.ee.security.octopus.realm.CachingRealm;
import be.atbash.ee.security.octopus.token.AuthenticationToken;
import com.github.scribejava.core.model.OAuth2AccessToken;
import java.util.Date;
import javax.inject.Inject;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:be/atbash/ee/security/octopus/oauth2/filter/authc/AbstractOAuth2AuthenticatingFilter.class */
public abstract class AbstractOAuth2AuthenticatingFilter extends RestAuthenticatingFilter {

    @Inject
    private CacheSupplier cacheSupplier;

    /* loaded from: input_file:be/atbash/ee/security/octopus/oauth2/filter/authc/AbstractOAuth2AuthenticatingFilter$CachedOAuth2User.class */
    public static class CachedOAuth2User {
        private long creationTimeStamp = new Date().getTime();
        private OAuth2UserToken oAuth2User;

        public CachedOAuth2User(OAuth2UserToken oAuth2UserToken) {
            this.oAuth2User = oAuth2UserToken;
        }

        boolean isNotTimedOut() {
            return new Date().getTime() - this.creationTimeStamp < 1800000;
        }

        public OAuth2UserToken getOAuth2User() {
            return this.oAuth2User;
        }
    }

    protected AuthenticationToken createToken(HttpServletRequest httpServletRequest, String str) {
        OAuth2UserToken cachedOAuth2User = getCachedOAuth2User(str);
        if (cachedOAuth2User == null) {
            cachedOAuth2User = useFakeLogin(httpServletRequest, str);
        }
        if (cachedOAuth2User == null) {
            cachedOAuth2User = getOAuth2User(httpServletRequest, str);
            if (cachedOAuth2User != null) {
                cachedOAuth2User.setToken(new OAuth2AccessToken(str));
                setCachedOAuth2User(str, cachedOAuth2User);
            }
        }
        return cachedOAuth2User;
    }

    private void setCachedOAuth2User(String str, OAuth2UserToken oAuth2UserToken) {
        Cache<String, CachedOAuth2User> cache = getCache();
        if (cache != null) {
            cache.put(str, new CachedOAuth2User(oAuth2UserToken));
        }
    }

    private OAuth2UserToken getOAuth2User(HttpServletRequest httpServletRequest, String str) {
        return getInfoProvider().retrieveUserInfo(new OAuth2AccessToken(str), httpServletRequest);
    }

    private OAuth2UserToken useFakeLogin(HttpServletRequest httpServletRequest, String str) {
        OAuth2UserToken oAuth2UserToken = null;
        LoginAuthenticationTokenProvider loginAuthenticationTokenProvider = getLoginAuthenticationTokenProvider();
        if ("localhost".equals(httpServletRequest.getServerName()) && loginAuthenticationTokenProvider != null) {
            oAuth2UserToken = (OAuth2UserToken) loginAuthenticationTokenProvider.determineAuthenticationToken(str);
        }
        return oAuth2UserToken;
    }

    private OAuth2UserToken getCachedOAuth2User(String str) {
        CachedOAuth2User cachedOAuth2User;
        OAuth2UserToken oAuth2UserToken = null;
        Cache<String, CachedOAuth2User> cache = getCache();
        if (cache != null && (cachedOAuth2User = (CachedOAuth2User) cache.get(str)) != null && cachedOAuth2User.isNotTimedOut()) {
            oAuth2UserToken = cachedOAuth2User.getOAuth2User();
        }
        return oAuth2UserToken;
    }

    private Cache<String, CachedOAuth2User> getCache() {
        return this.cacheSupplier.retrieveCache(CachingRealm.CacheName.OAUTH2_TOKEN);
    }

    protected abstract OAuth2InfoProvider getInfoProvider();

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return executeLogin(servletRequest, servletResponse);
    }
}
